Blog

Pondera FraudCast Blog

Pondera FraudCast

Welcome to the Pondera FraudCast, a weekly blog where we post information on fraud trends, lessons learned from client engagements, and observations from our investigators in the field. We hope you’ll check back often to stay current with our efforts to combat fraud, waste, and abuse in large government programs.

Another federal subsidy program is garnering congressional attention for large amounts of fraud, waste, and abuse. This time it’s the Lifeline program that provides discounts to low-income households for home or wireless telephone and broadband service. This program, which many Americans have likely never heard of, distributed $1.5 billion in subsidies to 12.3 million households in 2016.

The problem is that a recent study by the General Accounting Office (GAO) could not confirm the eligibility of a whopping 36% of program beneficiaries. The surprising part of this is that validating eligibility is as straightforward as checking an applicant’s enrollment form against a qualifying benefit program, such as Medicaid-- if someone has already been deemed eligible for Medicaid, then they are also eligible for Lifeline.

It is also troubling to note that the 84-page GAO report comes after a 2010 study that found problems with the program and led to a number of recommended reforms in 2012. Fast forward five years to today, and the problems persist.

Fraud in Lifeline stems from several factors common to most government programs: pressure to distribute timely benefits, a lack of effective data matching, and service providers (in this case telecommunications carriers) that benefit from a lack of control. The GAO actually called this last one out in their report when they explained that “companies may have financial incentives to enroll as many customers as possible” despite questionable eligibility.

None of the problems outlined in the report are particularly difficult to solve from a technical standpoint. But turf battles often lead to data sharing problems that lead to eligibility validation issues. And an unwillingness to enforce fraud reforms on businesses provides them with incentives to simply “look the other way”. Multiply this problem over the 2,300 federal subsidy programs operating today, and this adds up to a lot of money, all lost due to fraudulent, wasteful behavior.

Related Posts

The USDA recently announced a pilot program, starting this August, to offer online access to groceries for Supplemental Nutrition Assistance Program (SNAP) recipients in seven states. Groceries will be delivered to the recipients’ homes by seven participating retailers including familiar names such as Amazon, Safeway, and Shoprite.

For many SNAP participants, this is both a tremendous convenience (saving them time) and a potential necessity (providing access to healthy foods in rural and urban “food deserts”). In fact, America’s poor have higher access to the Internet than they do to cars: 88% to 79.6%. And no one can argue that time spent with family, working, or seeking work is more valuable than time spent commuting to and shopping in grocery stores.

Of course, online transactions often lead to more opportunities for fraud. And for their part, the USDA is mandating stricter controls than those required for non-SNAP transactions, including the use of a secure PIN number on all SNAP transactions. They have also provided funding in recent years to help states address benefit card trafficking problems.

It is also known that when large sums of money are distributed through online transactions, bad actors will innovate new ways to defraud the system. In 2014, while the improper payment rate in SNAP was relatively low at 3.66%, this still represented over $2.5 billion. Perhaps more concerning is that for 2015, after the USDA worked with all 50 states to assess their payment accuracy rates, they were not able to provide an overall improper payment rate for the SNAP program because data from 42 of the 53 reporting agencies could not be validated.

In many ways, this situation encapsulates the challenges facing government organizations. While their main directive is to provide important services to citizens – which I believe includes online access to nutritious foods—they also must protect the taxpayers’ money and make sure benefits go to those who are qualified to receive them. We wish the USDA luck with this new pilot and stand ready to assist our state government clients in their program integrity efforts.

I believe that simple things can make a big difference. This week, for example, I went through self-checkout at a local grocery store and the keypad gave me the options of “debit card” or “all other tenders” to complete my transaction. “All other tenders”—who talks like that? No doubt there was a group of people that decided that, technically, “tenders” was the best word to cover all the other options. It doesn’t really matter that it makes the system more confusing. That’s my problem.

Software systems suffer from this problem perhaps more than any other consumer product. I remember the old joke about having to go to the “start” button to stop the computer. This still happens, despite the fact that experience has shown us that the single most important feature contributing to the success of software is usability.

Put simply, even the most powerful system is completely worthless if people can’t figure out how to use it. My own brother discovered this when he recently decided to switch from the iPhone to an Android phone for the additional capabilities. Not a very technical person, he quickly switched back complaining that he was utterly confused by the “full fledged computer” he was carrying around in his pocket.

At Pondera, we make the claim that our system is “built by investigators, for investigators.” And it’s true. Our most important design principle is to “mask” the underlying complexity of the system and provide analysts and investigators with an intuitive system that works the way they do. Technical people can’t do this. Data scientists can’t do this. Only investigators can do this. That’s why we hire them and task them with our most important work.

A few months ago, I wrote an article offering our support to the USDA Food and Nutrition Service (FNS) as it rolls out a new program offering online access to groceries for Supplemental Nutrition Assistance Program (SNAP) recipients. My main concern with the new initiative was that FNS cannot provide an accurate SNAP fraud rate because of unreliable data coming in from the states. And we all know that offering goods and services online presents even more opportunities for fraud.

Now Congress is asking FNS additional questions in a letter sent to them on February 8th. Outlining the lawmakers’ concerns, the letter points out that as many as 10% of retailers who accept SNAP EBT cards participate in illegal trafficking schemes. These schemes pay recipients a discounted amount of cash or unapproved grocery items in exchange for their cards. They go on to point out that total annual fraud in the program is over $858 million.

The massive size of the SNAP program is one of the major reasons, historically at least, it is so difficult to detect fraud. In 2016, the program distributed $67 billion in benefits to 44 million Americans through 260,000 authorized retailers. Interestingly though, as much as 85% of the retailer fraud is committed by small grocery and convenience stores, or even flea markets like the one in Opa-Locka, FL that we recently wrote about.

With the advent of cloud computing and advanced analytics solutions, FNS now has access to the tools required to make a real difference in their fight against fraud. And by addressing the retailer side of the equation, they will also find, through association, many of the fraudulent individuals in the system as well. It would certainly make sense for FNS to leverage modern fraud detection technologies at the same time that they offer online access to groceries.

It is also important to note that the number of SNAP program retailers and recipients, while large, is very manageable. Consider that at Pondera we’ve performed equally complex fraud analytics on Medicaid programs with as many as 200,000 providers and Unemployment Insurance systems with over 1,000,000 employers. And when one considers that the overwhelming majority of SNAP trafficking fraud occurs in a concentrated subsection of small and medium retailers, the problem becomes even more manageable.

At Pondera, we are often asked whether fraud detection algorithms will ever completely replace human investigators. And while I can’t address the “ever” part of the question, I can confidently state that it will not happen in the foreseeable future. One of the major reasons for this? Prediction models, like many people, struggle to distinguish between cause and effect.

A Stanford University professor recently shared her studies on this topic which support many of our own findings. She noted that while prediction algorithms are excellent at finding patterns in large data sets, their effectiveness is limited because they struggle with determining causation. An example she used is that algorithms have been shown to help identify patients who should not receive hip surgery because they would likely die of other causes. However, the algorithms are unable to prioritize those patients who should receive the surgery.

In several cases, the professor notes that correlation can be as low as 50%. And she properly notes that while this may be fine in certain situations, governments simply cannot conduct such high-risk experiments with social welfare, economic policies, and other important matters. And unlike controlled environments, such as those that use placebos to test medications, the real world is simply too messy and unpredictable to control all factors.

This problem of causation identifies an important intersection between human reasoning and prediction algorithms. We believe that in complex, rapidly changing environments like fraud detection, effective detection systems combine the power of modern detection algorithms with experienced human reasoning.

By leveraging the individual strengths of both machine and human learning, we can analyze massive data sets and make sense of the findings. We regularly use the system to find the problem and ask the human experts to help explain the problem. This makes the results actionable, which ultimately is what our government partners require.

Regular readers of our blog know that Pondera has strong feelings about the need to protect the elderly from abuses while they are being cared for in facilities and their homes. In fact, in April of this year we wrote about the devastating abuses in nursing homes that continue to plague the elderly. Now, a number of states are stepping up the pressure on the federal government to allow them to more effectively fight the problem.

In a letter dated May 11th, 37 states’ attorney generals requested that the U.S. Department of Health and Human Services eliminate several restrictions on the use of Medicaid Fraud Control Unit (MFCU) funds. In the letter, they point out that 10% of elderly Medicaid recipients who receive care in their homes will be abused. They also cite a report that indicates that only 1 in 24 incidents are ever reported.

Specifically, the states asked for the ability to use the funds to “investigate and prosecute abuse and neglect of Medicaid beneficiaries in non-institutional settings” and to “screen complaints or reports alleging potential abuse or neglect”. In effect, this would allow the states to close “loopholes” in the use of MFCU funds that were previously only available to investigate abuses in facilities. And they point out that Medicaid currently covers over 6.4 million people over the age of 65.

At Pondera, we are pleased to see this increased attention by the MFCU. In addition to physical abuse, we also see other types of in-home abuses including identity theft (often strong-armed) that leads to theft from other government programs. We applaud the states’ continuing efforts to address this heinous problem and hope their progress is dramatic and expedient.

By this time, just about everyone has watched or read a news report about the WannaCry ransomware attack that hit the world’s computer networks on May 12th. Multiple variants of the program will likely attack computers for the foreseeable future, forcing individuals to pay bitcoin ransom or lose their data and causing serious harm to businesses including hospitals and governments.

Plenty has been written about the source of the attack and how it works. So, while every “connected” person should read about WannaCry to help protect themselves against future attacks, I don’t see any need to cover this ground here. For me, though, two interesting facets of the story really stand out.

First, I find it fascinating and somewhat inspiring that the attack was stopped by a 22-year-old vacationing cyber analyst who goes by the name MalwareTech; with assistance from his colleague Kafeine. These two, and countless others, operate in a world that most of us know almost nothing about to keep our systems safe. It reminds me of the classic Jack Nicholson speech from “A Few Good Men” where he excoriates Tom Cruise for challenging him while he protects our safety. Of course, in this example, there is no evidence of MalwareTech or Kafeine “fragging” any of their tech colleagues.

The second interesting point I took form this attack was that most of us could have protected ourselves simply by updating our operating systems and virus protection software. This is a conversation I’ve had innumerable times with my own family. Of course, this also puts software manufacturers in the difficult position of patching years-old operating systems to accommodate those who won’t or can’t upgrade.

Bottom line for me: this is just another reminder to remain vigilant and to be thankful for the computer techs who have dedicated their careers to protecting us from those who have chosen to attack us. I hope you can “handle that truth”.